search

apigee-127 / swagger-tools

A Node.js and browser module that provides tooling around Swagger.
MIT License
701 stars 374 forks source link

update lodash #613

Open firefoxNX opened 4 years ago

firefoxNX commented 4 years ago

lodash version 4.17.4 had critical vulnerabilities which were fixed. can we upgrade to latest version of lodash?

mastermatt commented 4 years ago

@firefoxNX this repo library isn't maintained anymore. But it's dependency on LoDash is^4.17.4, which means it doesn't restrict consumers from upgrading to new minor and patch versions. There's no reason why you can't run the current version 4.17.15 with Swagger Tools.